Nginx-extras:: Get HTTP/2 with ALPN, PageSpeed, ModSecurity and much more in one single place
What is nginx-extras?
Nginx-extras is basically nginx stable release with lots of optional useful modules. It’s no longer required to compile nginx from sources to include PageSpeed module to easily speedup websites and improve SEO. Building nginx with latest OpenSSL is no longer important to support newest HTTP/2 protocol ALPN.
I used at first to manually compile nginx from source every time a customer wanted to switch from Apache to Nginx (LAMP to LEMP) to get decent performance for their websites. It was time-consuming to deploy and maintain so I decided to create packages (rpm) for CentOS 6 & 7. I added extras to their repository as it includes third party modules. With these packages, I’m able to setup a LEMP server in few minutes. I can also deploy a new module on all customer’s server by simply pushing a new package update to the repository.
Nginx-extras doesn’t have any dependencies on any packages not included by CentOS base and it won’t break anything because it will conflict if nginx is already installed on your system. It’s also fully compatible with Nginx Amplify and it’s in production on many websites since 2014. Among them, some high traffic websites.
The package changelog is available for CentOS 6 and CentOS 7. It’s updated frequently as you can see. A new build is created when a new nginx version is released or when a CVE is discovered and needs patching.
What is the difference between nginx and nginx-extras?
Nginx team, as well as EPEL, provide packages for CentOS. However, those don’t include any extra third-party modules. Here’s a list of some in-demand modules available with nginx-extras:
- PageSpeed
- Brotli
- ModSecurity v3
- Headers-More
- GeoIP v2
- PAM authentication
- MPEG-TS Live Module
- Fancy Index
- RTMP
- Cookie Flag
- And many more
It doesn’t end there. Nginx extras:
- Leverage dynamic modules. You can install the bare minimum nginx or any modules you wish, extending as you need. Not a bloatware nginx build!
- Is the largest collection of pre-built dynamic nginx modules on the Internet in a single repository
- Powered by CDN!
Getting started
There are currently packages available for CentOS/RHEL 6, 7 and 8. The easiest way to install is to use out CentOS yum repository (see dedicated repository page):
RHEL/CentOS 6
yum install https://extras.getpagespeed.com/release-el6-latest.rpm
RHEL/CentOS 7
yum install https://extras.getpagespeed.com/release-el7-latest.rpm
RHEL/CentOS 8
dnf install https://extras.getpagespeed.com/release-el8-latest.rpm
Once the repository is configured, you can proceed with installing NGINX extras. Thanks to the nature of dynamic modules, you can install just the modules you want instead of using bloatware NGINX installation. For example, to install NGINX with the PageSpeed module, run:
#> yum install nginx nginx-module-pagespeed
To list available modules for installation, run:
#> yum list available | grep nginx-module
To install the recommended group of modules for performance, you may want to run:
#> yum groupinstall "nginx extras"
… which installs nginx with PageSpeed and Brotli modules.
How to enable HTTP/2 with ALPN and confirm that it works
If you’re currently using nginx < 1.10, this means you’re using SPDY protocol to speedup Web traffic. Nginx switched from SPDY to HTTP/2 in version 1.10 (introduced in 1.9 mainline tree). Therefore, you will need to change all your “spdy” entries to “http2” if you upgrade to latest stable build:
listen 127.0.0.1:443 ssl spdy;
to:
listen 127.0.0.1:443 ssl http2;
There’s always more
The nginx itself shipped with nginx extras repository builds on stable and time tested runtime.
If you like to live on the edge, there’s a drop-in replacement for that runtime.
Read more about nginx-mod, which runs with latest OpenSSL, patched with full HTTP/2 HPACK support and dynamic TLS records.
Package maintainer and Feedbacks
I’ve been the only package maintainer of nginx extras for the past 2 years. All sources are committed with GIT on a private BitBucket repository. I may push them public on GitHub in the future.
Please provide any feedbacks if you use these packages. I also accept module or feature request to add more customization or enhancements to nginx extras.
